Press "Enter" to skip to content

Gartner Magic Quadrant for Web Application Firewalls (2018,2017,2016)

0

A web application firewall (WAF) is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. While proxies generally protect clients, WAFs protect servers. A WAF is deployed to protect a specific web application or set of web applications. A…

Cisco Web Security Appliance S190 – Web GUI

0

Cisco® Web Security Appliance (WSA) offers malware protection, application visibility and control, acceptable use policy controls, insightful reporting and secure mobility to enterprise network.  The Cisco WSA is a forward proxy that can be deployed in either Explicit mode (proxy automatic configuration [PAC] files, Web Proxy Auto-Discovery [WPAD], browser settings) or Transparent mode (Web Cache Communication Protocol [WCCP], Policy-Based Routing [PBR], load…

Sysinternals Tool – Sysmon Usage Tips and Tricks

0

Microsoft Sysinternals tool Sysmon is a service and device driver, that once installed on a system, logs indicators that can greatly help track malicious activity in addition to help with general troubleshooting. Basic Sysmon Usage commands: Installation: sysmon -i -accepteula [options] Extracts binaries into %systemroot% Registers event log manifest Enables default configuration Note: Once this command runs, the Sysmon service is installed,…

How to Find Out Windows Process Sending Traffic, Especially ICMP Packets

0

There are a number of different ways to find out which process is sending tcp / udp traffic in computer systems, but not much for icmp traffic. Here is a summary for the ways to do it. 1. Install a local firewall You could always try installing a firewall that blocks outgoing traffic or use the Windows Firewall. When the…

Windows Command Line Remote Troubleshooting Tools

0

Here are some scripts and methods to do remote troubleshooting or running some commands in remote machines. I found they are very useful especially in a enterprise environment if you have your domain admin account. Prerequisites to run remote commands Install .NET Framework 4.5.2 from \\shareserver\it\$Install\Scripting prerequisites\NDP452-KB2901907-x86-x64-AllOS-ENU.exe or from https://www.microsoft.com/en-ca/download/details.aspx?id=42642 Install Windows Management Framework 5.1:  copy the folder \\shareserver\it\$Install\Scripting prerequisite\Windows Management…

ArcSight SIEM Logger

0

ArcSight Logger is one of products from Micro Focus SIEM platform. It  streams real-time data and categorizes them into specific logs and easily integrates with Security Operations. As a result, organizations of any size can use this high performance log data repository to aid in faster forensic analysis of IT operations, application development, and cyber security issues, and to simultaneously…

Red hat Openshift Deploy Image Example – Create V2Ray Server

0

Red Hat® OpenShift® is a comprehensive enterprise-grade application platform, built for containers with Kubernetes. It can automate the build, deployment, and management of applications so that you can focus on writing the code for your next big idea. Basically OpenShift is Red Hat’s Cloud platform as a service (PaaS). It provides a free and open source cloud-based platform allows developers…